Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCCC/_8FWplsh9X_asp25E94ZQL8gJt8.roa
File: _8FWplsh9X_asp25E94ZQL8gJt8.roa (raw, json)
Hash identifier: EvXbv3aFeVHLkHGBAyqScz5rhMrdDotHlsFiCC1+pK8=
Subject key identifier: FF:C1:56:A6:5B:21:F5:7F:DA:B2:9D:B9:13:DE:19:40:BF:20:26:DF
Certificate issuer: /CN=07E36A3D219A8AFC84F88B30553E638CE6C2CECE
Certificate serial: 0D
Authority key identifier: 07:E3:6A:3D:21:9A:8A:FC:84:F8:8B:30:55:3E:63:8C:E6:C2:CE:CE
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/B-NqPSGaivyE-IswVT5jjObCzs4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCCC/_8FWplsh9X_asp25E94ZQL8gJt8.roa
Signing time: Mon 18 Mar 2024 09:57:15 +0000
ROA not before: Mon 18 Mar 2024 09:57:15 +0000
ROA not after: Wed 26 Feb 2025 15:30:21 +0000
asID: 19551
IP address blocks: 157.20.106.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13 (0xd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07E36A3D219A8AFC84F88B30553E638CE6C2CECE
Validity
Not Before: Mar 18 09:57:15 2024 GMT
Not After : Feb 26 15:30:21 2025 GMT
Subject: CN=FFC156A65B21F57FDAB29DB913DE1940BF2026DF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2f:52:8a:f2:d5:24:92:3b:21:3a:b4:e7:b3:
d5:58:55:37:14:d3:95:fb:16:b9:93:c7:51:0f:95:
b2:8e:02:2a:29:a7:ed:bc:7d:98:65:9a:d2:75:b8:
37:e5:09:5e:36:8f:13:f9:03:e1:04:cb:10:e2:5a:
b4:c0:b7:7f:5b:b7:73:45:b6:c4:98:93:b8:52:9f:
7e:f9:1f:2f:a8:28:8e:4c:47:cb:7d:e1:67:9e:42:
f6:14:e7:74:a3:3d:84:c6:4f:b0:c6:2e:f1:87:cd:
c6:89:8a:dc:b6:9b:7d:10:62:0a:f4:78:b2:74:cf:
43:e9:0e:7d:2f:99:13:e1:92:f0:19:42:a4:0b:90:
2d:19:e0:fc:3e:d1:81:6b:e9:79:8e:6e:59:d4:3a:
27:26:89:6c:b8:67:8f:fd:1c:66:ed:fe:b2:77:fe:
a5:e5:84:49:19:d0:8f:c1:e1:54:2a:06:64:e0:5a:
d8:88:28:4f:ce:79:e4:44:ef:31:ec:ce:6c:42:53:
65:a4:fb:ee:3c:5b:6e:d7:d0:8b:67:44:17:d2:20:
fb:5d:c7:92:22:f2:a2:35:29:19:47:77:87:f8:7c:
de:fe:33:13:3e:19:a2:98:27:6a:95:5f:84:f7:a9:
9b:01:bc:5b:d5:dc:32:12:2b:08:95:b9:d7:f9:d2:
32:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:C1:56:A6:5B:21:F5:7F:DA:B2:9D:B9:13:DE:19:40:BF:20:26:DF
X509v3 Authority Key Identifier:
keyid:07:E3:6A:3D:21:9A:8A:FC:84:F8:8B:30:55:3E:63:8C:E6:C2:CE:CE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCCC/B-NqPSGaivyE-IswVT5jjObCzs4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/B-NqPSGaivyE-IswVT5jjObCzs4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCCC/_8FWplsh9X_asp25E94ZQL8gJt8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.106.0/24
Signature Algorithm: sha256WithRSAEncryption
39:a1:b9:e7:85:30:b4:b2:05:25:0b:17:ca:e6:f0:a6:45:8d:
c3:e1:27:79:da:9a:e5:6f:4d:2d:2d:5c:b4:07:2a:4c:7b:96:
60:61:ac:d8:4b:d4:76:bf:31:61:14:eb:2d:5a:5a:f3:8f:b2:
05:80:7e:53:93:55:87:d4:4d:28:fd:af:f9:27:18:7e:c7:eb:
ca:f7:78:fe:a6:fe:d5:43:18:bf:64:55:ae:68:38:f5:54:1e:
6a:9d:9f:f0:2b:f8:c6:d2:a6:64:a1:49:38:66:82:a6:87:60:
94:fe:c6:2e:d1:1e:9f:4b:5c:e1:a6:27:ae:70:0b:1a:80:24:
39:d2:d9:3a:a3:65:41:50:a7:e3:29:68:eb:31:4c:0b:fc:37:
bb:50:3c:1e:60:6b:57:07:f0:f7:e4:e0:68:48:9d:68:cb:09:
ea:8e:52:81:20:27:58:56:d7:53:ef:95:d1:63:b0:02:37:fd:
be:da:de:d4:fb:90:01:5e:67:6f:b7:ba:86:f0:22:20:1d:24:
df:8d:08:a3:54:db:49:3e:94:74:96:6a:c8:e6:94:98:4c:c4:
40:c7:3a:32:49:bb:f4:f9:41:ad:25:a1:2a:f6:1d:72:14:76:
00:65:0f:bf:92:5d:fe:cb:05:56:7d:7c:d9:3e:42:f5:2f:d9:
e0:c2:f2:7d
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgIBDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygwN0Uz
NkEzRDIxOUE4QUZDODRGODhCMzA1NTNFNjM4Q0U2QzJDRUNFMB4XDTI0MDMxODA5
NTcxNVoXDTI1MDIyNjE1MzAyMVowMzExMC8GA1UEAxMoRkZDMTU2QTY1QjIxRjU3
RkRBQjI5REI5MTNERTE5NDBCRjIwMjZERjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAL8vUory1SSSOyE6tOez1VhVNxTTlfsWuZPHUQ+Vso4CKimn7bx9
mGWa0nW4N+UJXjaPE/kD4QTLEOJatMC3f1u3c0W2xJiTuFKffvkfL6gojkxHy33h
Z55C9hTndKM9hMZPsMYu8YfNxomK3LabfRBiCvR4snTPQ+kOfS+ZE+GS8BlCpAuQ
LRng/D7RgWvpeY5uWdQ6JyaJbLhnj/0cZu3+snf+peWESRnQj8HhVCoGZOBa2Igo
T8555ETvMezObEJTZaT77jxbbtfQi2dEF9Ig+13HkiLyojUpGUd3h/h83v4zEz4Z
opgnapVfhPepmwG8W9XcMhIrCJW51/nSMtkCAwEAAaOCAeowggHmMB0GA1UdDgQW
BBT/wVamWyH1f9qynbkT3hlAvyAm3zAfBgNVHSMEGDAWgBQH42o9IZqK/IT4izBV
PmOM5sLOzjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFoGA1UdHwRTMFEwT6BN
oEuGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9OQ0NDL0It
TnFQU0dhaXZ5RS1Jc3dWVDVqak9iQ3pzNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
Qi1OcVBTR2FpdnlFLUlzd1ZUNWpqT2JDenM0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZoGCCsGAQUFBwELBIGNMIGKMFUGCCsGAQUFBzALhklyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvTkNDQy9fOEZXcGxzaDlYX2FzcDI1RTk0WlFM
OGdKdDgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJk
cC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRRqMA0G
CSqGSIb3DQEBCwUAA4IBAQA5obnnhTC0sgUlCxfK5vCmRY3D4Sd52prlb00tLVy0
BypMe5ZgYazYS9R2vzFhFOstWlrzj7IFgH5Tk1WH1E0o/a/5Jxh+x+vK93j+pv7V
Qxi/ZFWuaDj1VB5qnZ/wK/jG0qZkoUk4ZoKmh2CU/sYu0R6fS1zhpieucAsagCQ5
0tk6o2VBUKfjKWjrMUwL/De7UDweYGtXB/D35OBoSJ1oywnqjlKBICdYVtdT75XR
Y7ACN/2+2t7U+5ABXmdvt7qG8CIgHSTfjQijVNtJPpR0lmrI5pSYTMRAxzoySbv0
+UGtJaEq9h1yFHYAZQ+/kl3+ywVWfXzZPkL1L9ngwvJ9
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:32:47 2025 by rpki-client